Qmando
commented
8 years ago The first error is in the elasticsearch-py library. I'm not sure what the underlying cause of that is. You are using version 2.3.0, so you should also be using Elasticsearch 2.X. If you are using 1.X, use the 1.X version of the library. Try something like pip install elasticsearch-py==1.9.0 if that's the case.
As for the second one, that is an actual bug. I'll fix this soon. You could work around this temporarily by replacing that line (elastalert.py:782) with pass.
ERROR:root:Traceback (most recent call last): File "./elastalert.py", line 764, in run_all_rules num_matches = self.run_rule(rule, endtime, self.starttime) File "./elastalert.py", line 572, in run_rule if self.is_silenced(rule['name'] + key) or self.is_silenced(rule['name']): File "./elastalert.py", line 1264, in is_silenced self.handle_error("Error while querying for alert silence status: %s" % (e), {'rule': rule_name}) File "/usr/lib/python2.6/site-packages/elasticsearch-2.3.0-py2.6.egg/elasticsearch/exceptions.py", line 55, in str cause = ', %r' % self.info['error']['root_cause'][0]['reason'] TypeError: string indices must be integers
ERROR:root:Uncaught exception running rule Example keywords rule: string indices must be integers INFO:elastalert:Rule Example keywords rule disabled Traceback (most recent call last): File "./elastalert.py", line 1409, in
sys.exit(main(sys.argv[1:]))
File "./elastalert.py", line 1406, in main
client.start()
File "./elastalert.py", line 727, in start
self.run_all_rules()
File "./elastalert.py", line 782, in run_all_rules
logging.warning("Querying from %s to %s took longer than %s!" % (old_starttime, endtime, self.run_every))
UnboundLocalError: local variable 'old_starttime' referenced before assignment